Data not inserted into MySQL database

Problem description:

I am having issues filling the data from my form into a MySQL database. The form the data is coming from is demographic.php and posts to client.php. I get no error in the Apache error log or Firefox developer console, but when I look in the database there's nothing. What am I doing wrong?

Here's the client.php file that's being called.

    <?php

    require_once("../auth/config.class.php");
    require_once("../auth/auth.class.php");

    $config = new Config;

    $dbh = new PDO("mysql:host=" . $config->dbhost . ";dbname=" . $config->dbname,  $config->dbuser, $config->dbpass);
    $auth = new Auth($dbh, $config);

    $fname = $_POST["fname"];
    $lname = $_POST["lname"];
    $age = $_POST["age"];
    $address = $_POST["address"];
    $city = $_POST["city"];
    $state = $_POST["state"];
    $zip = $_POST["zip"];
    $relationship = $_POST["relationship"];
    $living = $_POST["living"];
    $dmn = $_POST["dmn"];
    $dmtel = $_POST["dmtel"];



    //Get UID from session class
    $uid = $auth->SessionUID($_COOKIE['authID']);       
    echo $uid;

    try{

        $dbh->beginTransaction();

        $query  = $dbh->prepare("INSERT INTO client VALUES (NULL, $uid, $fname, $lname, $age, $living)");
        $query->execute();
        $cID = $dbh->lastInsertId();

        $query  = $dbh->prepare("INSERT INTO relationship VALUES (NULL, $uid, $cID, $relationship, $dmn, $dmtel) ");
        $query->execute();
        $rID = $dbh->lastInsertId();

        $query = $dbh->prepare("INSERT INTO address VALUES (NULL, $cID, $address, $city, $state, $zip)");
        $query->execute();
        $aID = $dbh->lastInsertId();

        $dbh->commit();
    }

    catch(PDOException  $e){
        $dbh->rollback();
        print "Error!: " . $e->getMessage(). "</br>";
    }
    catch( PDOException $e){
        print "Error!: " . $e->getMessage(). "</br>";
    }




    ?>

Here's the form with the data demographic.php:

<body>
    <script>

        $(document).ready(function()
            {
                $("#submit").click(function()
                    {

                        var formData = $("#client").serializeArray();

                        $.ajax(
                            {
                                type: "POST",
                                url: "../pages/client.php",
                                cache: false,
                                data: formData,
                                dataType: 'json',
                                success: function(login)
                                {

                                    $('#message').html('<p> code: ' + login.code + '</p>');
                                    $('#message').append('<p> message: ' + login.message + '</p>');


                                }

                            });

                        return false;
                    });
            }); 




    </script>


    <div data-role="header">
        <h1>IntelyCare</h1>
        <a href="../views/careplan.php" data-iconshadow="false" data-icon="carat-1" data-iconpos=""  data-rel="" data-ajax="false" class="login">Care Plan</a>
        <a href="../pages/logout.php" data-iconshadow="false" data-icon="carat-1" data-iconpos="" data-rel="" data-ajax="false" class="login">Log Out</a>
    </div>

    <div data-role="main"   data-theme="a" class="ui-content">
        <div data-role="content" >
            <h3> Welcome <strong><?php echo $auth->getSessionUID($_COOKIE[$config->cookiename]); ?></strong></h3>
            <br />
            <h2> Registration</h2>

            <form action="" method="POST" id="client">
                <p>Enter information for person receiving care (Clients)</p>

                <label for="fname">First Name:</label>
                <input  type="text" name="fname" placeholder="First Name"/>
                <br>
                <label  for="lname">Last Name:</label>
                <input  type="text" name="lname" placeholder="Last Name"/>
                <br>
                <label for="age">Age:</label>
                <input  type="number" name="age" placeholder="Age"/>
                <br>
                <label for="address">Address:</label>
                <input  type="text" name="address"  placeholder="Address"/>
                <br />
                <label  for="city">City:</label>
                <input  type="text" name="city" placeholder="City"/>
                <br />
                <label for="state">State:</label>
                <input  type="text" name="state" placeholder="State"/>
                <br />
                <label for="zip">Zip Code:</label>
                <input  type="number" name="zip" placeholder="00000"/>
                <br />


                <label for="relationship" >What's the Relationship to Client</label>
                <select name="relationship" id="relationship" data-native-menu="false" >
                    <option value="Select One" data-placeholder="true">Select..</option>    
                    <option value="Son">Son</option>
                    <option value="Spouse">Spouse</option>
                    <option value="Self">Self</option>  
                    <option value="Daughter">Daughter</option>
                    <option value="Grand Kids">Grand Kids</option>
                    <option value="Other">Other</option>
                </select>

                <br />  

                <label for="living" >What type of living situation</label>
                <select name="living" id="living" data-native-menu="false">
                    <option value="Select One" data-placeholder="true">Select</option>  
                    <option value="Home">Home</option>
                    <option value="W_Caregiver">Home w/Caregiver</option>
                    <option value="inlaw">In-Law</option>
                    <option value="Other">Other</option>
                </select>   
                <br />

                <fieldset data-role="controlgroup" data-type="horizontal" >
                    <legend>Are you the Primary Decision maker?</legend>
                    <input  name="dmy" id="radio-choice-h-5a" value="On" type="radio"/>
                    <label  for="radio-choice-h-5a">Yes</label>
                    <input  name="dmn" id="radio-choice-h-5b" value="Off" type="radio"/>
                    <label  for="radio-choice-h-5b">No</label>

                </fieldset>         

                <br />

                <label  for="dmtel">Your Phone Number:</label>
                <input type="tel" name="dmtel" placeholder="000-000-0000"/>
                <br />

                <button type="submit"   id="submit">Submit</button>
            </form>

        </div>
    </div>

</body>

You don't get errors because you don't check for them. Your SQL queries are failing because you do not have quotes around your string values.

    $query  = $dbh->prepare("INSERT INTO client VALUES (NULL, $uid, '$fname', '$lname', $age, $living, NULL, NULL, NULL)");

    $query  = $dbh->prepare("INSERT INTO relationship VALUES (NULL, $uid, $cID, '$relationship', '$dmn', '$dmtel') ");

    $query = $dbh->prepare("INSERT INTO address VALUES (NULL, $cID, '$address', '$city', '$state', $zip, NULL, NULL)");

FYI, you are wide open to SQL injections. And you shouldn't be, because you're already using PDO. You need to take it a step further and use prepared statements.
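
The prepared-statement approach the answer points to, as an added example that is not code from the question or the answer: explicit column lists, bound parameters, and `PDO::ERRMODE_EXCEPTION` so failed queries are no longer silent. The column names, the `saveClient` helper and the in-memory SQLite database (used so the script runs offline) are assumptions, since the page does not show the schema.

```php
<?php
// Added example. Column names and the in-memory SQLite database are
// assumptions so the script runs offline; for MySQL only the DSN changes.
$dbh = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // failed statements throw
]);
$dbh->exec('CREATE TABLE client (id INTEGER PRIMARY KEY, uid INTEGER,
            fname TEXT, lname TEXT, age INTEGER, living TEXT)');
$dbh->exec('CREATE TABLE address (id INTEGER PRIMARY KEY, client_id INTEGER,
            address TEXT, city TEXT, state TEXT, zip TEXT)');

function saveClient(PDO $dbh, int $uid, array $post): int
{
    $dbh->beginTransaction();
    try {
        // Placeholders keep user input out of the SQL text entirely.
        $stmt = $dbh->prepare(
            'INSERT INTO client (uid, fname, lname, age, living)
             VALUES (:uid, :fname, :lname, :age, :living)'
        );
        $stmt->execute([
            ':uid'    => $uid,
            ':fname'  => $post['fname'],
            ':lname'  => $post['lname'],
            ':age'    => (int) $post['age'],
            ':living' => $post['living'],
        ]);
        $cID = (int) $dbh->lastInsertId();
        $stmt = $dbh->prepare(
            'INSERT INTO address (client_id, address, city, state, zip)
             VALUES (?, ?, ?, ?, ?)'
        );
        $stmt->execute([$cID, $post['address'], $post['city'],
                        $post['state'], $post['zip']]);
        $dbh->commit();
        return $cID;
    } catch (PDOException $e) {
        $dbh->rollBack(); // undo the partial insert, then surface the error
        throw $e;
    }
}

// Constructed input: the apostrophe would break the quoted-string queries.
$post = ['fname' => 'Pat', 'lname' => "O'Brien", 'age' => '81', 'living' => 'Home',
         'address' => '1 Main St', 'city' => 'Boston', 'state' => 'MA', 'zip' => '02108'];
$cID  = saveClient($dbh, 42, $post);
$stmt = $dbh->prepare('SELECT lname FROM client WHERE id = ?');
$stmt->execute([$cID]);
echo $stmt->fetchColumn(), PHP_EOL;
```

The `relationship` insert from the question follows the same pattern, with `$cID` and the posted values passed to `execute()` instead of being interpolated into the SQL string.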